James A. Tunnicliffe wrote:
Dale Thorn writes (in part):
I'm tending to think that, instead of using PGP for all encoding (even though it may have multiple facilities for all situations), a message could be encrypted with a good trusted private-key system or whatever, then the private key encrypted with the Public Key software and sent either separately or with the message.
But you've described exactly what PGP does. It encrypts the message with a "good, trusted private-key system" -- IDEA, which has undergone significant peer review, has a long-enough key (128 bits), and has exhibited no significant weaknesses or shortcuts to brute force (which is impossible, given the key length). It then encrypts the IDEA session key that was used with the recipient's public key, and bundles the the IDEA-encrypted message and the RSA-encrypted session key (and optionally, a signed hash of the message) for delivery to the recipient.
I hope I'm not repeating this in more than one or two places, but the idea originated as a way to verify PGP code, i.e., if one could verify some minimal portion of it sufficient to send a small message (i.e., a private key), one could then rely on his/her own favorite (and really well verified) private key software to do the bulk of the encryption. Relying on one software program (despite the hoopla) to "do it all" is, in my book, a prescription for disaster. The peer-review statements notwithstanding, the PGP source code, at 60,000 or so lines, and without a doubt way too complex for one individual and his/her closest trusted associates to verify, cannot be trusted without a really clean rewrite, using a heirarchical design of some sort, where all code is completely consistent and well-annotated, broken into numerous small functions, and is very easy to read and follow. If you think the above can't be justified, as in the example that PGP will have to be continuously updated in its central routines, so as to maintain its "edge" in security, well, that would imply that its security is seriously lacking if attacked by advanced hackers. I know it may not be a perfect analogy, but remember the HSCA board review from the late 1970's regarding certain forensics in the JFK case? If I'm not mistaken, the central points demonstrating conspiracy were upheld by only one professional out of approximately 12, i.e., Cyril Wecht. Now you're not going to convince any jury I know of that Oswald did it, or did it alone, but getting past that and to the professionals who did the reviews of certain evidence, it should be obvious that in cases where there may be *very important* programs for which the public needs to be convinced of this-or-that, the government-controlled institutions (i.e., the major universities) can come up with all the experts it needs to convince people of this-or-that. Some of these I know personally...